Cheat Engine Forum
The Official Site of Cheat Engine

[C++] Pointer +adding offset problem

 
Walkirio
How do I cheat?
Reputation: 0

Joined: 09 Feb 2016
Posts: 4
Location: Italy

Posted: Tue Feb 09, 2016 9:32 am    Post subject: [C++] Pointer +adding offset problem

Hello guys,
I was trying to make a simple trainer for WARFRAME.
I got a 5-level pointer, I calculate it and I get '0'.
I can't understand where I fail, can you help me?
This is the FULL code:

Code:

#include "stdafx.h"
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>



using namespace std;


DWORD dwGetModuleBaseAddress(DWORD dwProcessID, TCHAR *lpszModuleName)
{
   HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessID);
   DWORD dwModuleBaseAddress = 0;
   if (hSnapshot != INVALID_HANDLE_VALUE)
   {
      MODULEENTRY32 ModuleEntry32 = { 0 };
      ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
      if (Module32First(hSnapshot, &ModuleEntry32))
      {
         do
         {
            if (_tcscmp(ModuleEntry32.szModule, lpszModuleName) == 0)
            {
               dwModuleBaseAddress = (DWORD)ModuleEntry32.modBaseAddr;
               break;
            }
         } while (Module32Next(hSnapshot, &ModuleEntry32));
      }
      CloseHandle(hSnapshot);
   }
   return dwModuleBaseAddress;
   /*_________________________________________________________________________________________________________________________________*/
}


int main()
{
   int value = 0;
   int hack_ammo = 99;
   HWND hwindow = 0;
   while (hwindow == 0)
   {
      cout << "Handle in corso\n";
      hwindow = FindWindow(NULL, L"WARFRAME");
      Sleep(1000);
   }
   cout << "Handle Riuscito\n";
   DWORD dwProcessID = -1;
   GetWindowThreadProcessId(hwindow, &dwProcessID);
   if (dwProcessID == -1)
   {
      cout << "ProcessID non acquisito..\n";
   }
   HANDLE hGameHandle = OpenProcess(PROCESS_ALL_ACCESS, false, dwProcessID);//
   DWORD EXE = dwGetModuleBaseAddress(dwProcessID, L"Warframe.x64.exe");

   cout << "Proecess id : " << dwProcessID << " Base Address : " << EXE<<endl;
   DWORD thebase = EXE + 0x01A4DC50;
   DWORD thefirst = thebase + 0x510;
   DWORD thesecond = thefirst + 0x520;
   DWORD thethird = thesecond + 0x7f0;
   DWORD thefourth = thethird + 0x4c8;
   DWORD thefinal = thethird + 0x140;
   


   while (true)
   {
      ReadProcessMemory(hGameHandle, (void*)thefinal, &value, sizeof(value), 0);
      cout <<"Ammo = "<<value<<endl;
      if (GetAsyncKeyState(VK_INSERT))
         WriteProcessMemory(hGameHandle, (void*)thefinal, &hack_ammo, (DWORD)sizeof(hack_ammo), NULL);
      Sleep(1000);


   }


   return 0;
}




[Attached image: cheatengine.png]


_________________
Trying to make some serious trainer.
ParkourPenguin
I post too much
Reputation: 152

Joined: 06 Jul 2014
Posts: 4706

Posted: Tue Feb 09, 2016 10:47 am

While you put thethird instead of thefourth when assigning thefinal, that's not your main problem. You're not dereferencing the pointers as you traverse the pointer path.

Pointers are addresses that store another memory address. Hence, you have to read from the pointer to find out where it's going. All you're doing is just taking the EXE and adding a bunch of offsets to it without reading anything.

If you want thefinal to be the address and not the value, then just do ReadProcessMemory or something on thebase, thefirst, thesecond, thethird, and thefourth (leave out the offsets).

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Walkirio
How do I cheat?
Reputation: 0

Joined: 09 Feb 2016
Posts: 4
Location: Italy

Posted: Tue Feb 09, 2016 12:53 pm

Okay, thanks for your answer.
Can you give me an example with some code?
Because I tried, but maybe I didn't understand the point of what you meant.
The code that I tried:

Code:

ReadProcessMemory(hGameHandle, (void*)thebase, &thebase, sizeof(thebase), 0);
ReadProcessMemory(hGameHandle, (void*)thefirst, &thefirst, sizeof(thefirst), 0);
ReadProcessMemory(hGameHandle, (void*)thesecond, &thesecond, sizeof(thesecond), 0);
ReadProcessMemory(hGameHandle, (void*)thethird, &thethird, sizeof(thethird), 0);
ReadProcessMemory(hGameHandle, (void*)thefourth, &thefourth, sizeof(thefourth), 0);
ReadProcessMemory(hGameHandle, (void*)thefinal, &thefinal, sizeof(thefinal), 0);
tot = thebase + thefirst + thesecond + thethird + thefourth + thefinal;
ReadProcessMemory(hGameHandle, (void*)tot, &tot, sizeof(tot), 0);

_________________
Trying to make some serious trainer.
ParkourPenguin
I post too much
Reputation: 152

Joined: 06 Jul 2014
Posts: 4706

Posted: Tue Feb 09, 2016 1:22 pm

Pseudo-code:
Code:
DWORD thebase = EXE + 0x01A4DC50;
DWORD thefirst = readAddress(thebase) + 0x510;
DWORD thesecond = readAddress(thefirst) + 0x520;
DWORD thethird = readAddress(thesecond) + 0x7f0;
DWORD thefourth = readAddress(thethird) + 0x4c8;
DWORD thefinal = readAddress(thefourth) + 0x140;

... where readAddress(...) basically reads the 4-byte address stored at the address of the pointer you specify.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Walkirio
How do I cheat?
Reputation: 0

Joined: 09 Feb 2016
Posts: 4
Location: Italy

Posted: Tue Feb 09, 2016 2:55 pm

Code:

ReadProcessMemory(hGameHandle, (void*)(thebase+0x510), &thefirst, sizeof(thefirst), 0);
ReadProcessMemory(hGameHandle, (void*)(thefirst+0x520), &thesecond, sizeof(thesecond), 0);
ReadProcessMemory(hGameHandle, (void*)(thesecond+0x7f0), &thethird, sizeof(thethird), 0);
ReadProcessMemory(hGameHandle, (void*)(thethird+0x4c8), &thefourth, sizeof(thefourth), 0);
ReadProcessMemory(hGameHandle, (void*)(thefourth+0x140), &thefinal, sizeof(thefinal), 0);

Thank you for the answer, Sir.
Can that be the solution?

_________________
Trying to make some serious trainer.
ParkourPenguin
I post too much
Reputation: 152

Joined: 06 Jul 2014
Posts: 4706

Posted: Tue Feb 09, 2016 4:03 pm

The beginning is probably wrong:
Code:
thebase = EXE + 0x1A4DC50
thefirst = readAddress(thebase+0x510)
         = readAddress(EXE + 0x1A4DC50 + 0x510)
// not dereferencing EXE + 0x1A4DC50 before adding offset 0x510

And even if it wasn't, the last ReadProcessMemory would get you the value of the end address of the pointer chain, not the address itself.

You should understand pointers first before you start messing with them.
CE Topic on pointers
Wikipedia
YouTube video
More information

_________________
I don't know where I'm going, but I'll figure it out when I get there.
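
The dereference-then-offset walk described in the replies above, as an added example that is not part of the original thread: it runs against a constructed in-memory map instead of a live process, and `FakeMemory`, `resolve` and `sample` are hypothetical names. It goes slightly beyond the thread by making the pointer width a parameter, because a 64-bit target stores 8-byte pointers and a 4-byte read keeps only the low half (a little-endian host is assumed).

```cpp
#include <cstdint>
#include <cstring>
#include <map>
#include <optional>
#include <vector>

// Constructed stand-in for a remote address space (sparse, byte-addressed).
// read() plays the role of ReadProcessMemory and fails on unmapped bytes.
struct FakeMemory {
    std::map<uint64_t, uint8_t> bytes;
    template <typename T> void write(uint64_t addr, T v) {
        uint8_t raw[sizeof(T)];
        std::memcpy(raw, &v, sizeof(T));
        for (std::size_t i = 0; i < sizeof(T); ++i) bytes[addr + i] = raw[i];
    }
    template <typename T> std::optional<T> read(uint64_t addr) const {
        uint8_t raw[sizeof(T)];
        for (std::size_t i = 0; i < sizeof(T); ++i) {
            auto it = bytes.find(addr + i);
            if (it == bytes.end()) return std::nullopt;
            raw[i] = it->second;
        }
        T v;
        std::memcpy(&v, raw, sizeof(T));
        return v;
    }
};

// Each level: read the pointer stored at addr, THEN add the offset. Returns the
// final address (not the value there), or nullopt on an unreadable or null hop.
template <typename Ptr>
std::optional<uint64_t> resolve(const FakeMemory& m, uint64_t base,
                                const std::vector<uint64_t>& offsets) {
    uint64_t addr = base;
    for (uint64_t off : offsets) {
        std::optional<Ptr> p = m.read<Ptr>(addr);
        if (!p || *p == 0) return std::nullopt;
        addr = static_cast<uint64_t>(*p) + off;
    }
    return addr;
}

FakeMemory sample() {  // constructed two-level layout with 8-byte pointers
    FakeMemory m;
    m.write<uint64_t>(0x1000, 0x100000000);       // static slot -> object A
    m.write<uint64_t>(0x100000510, 0x200000000);  // A+0x510 -> object B
    m.write<int32_t>(0x200000520, 99);            // B+0x520 holds the value
    return m;
}
```

On this sample, `resolve<uint64_t>(m, 0x1000, {0x510, 0x520})` yields the address `0x200000520`, while summing the offsets without reading lands on the unmapped address `0x1A30`, and `resolve<uint32_t>` stops at the first hop because the truncated pointer reads as zero.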
Walkirio
How do I cheat?
Reputation: 0

Joined: 09 Feb 2016
Posts: 4
Location: Italy

Posted: Tue Feb 09, 2016 4:58 pm

Okay, thanks.
I will learn them before continuing with trainers.

_________________
Trying to make some serious trainer.